10/07/2015

Lawyers Washing their Hands of Email Encryption

by ZixCorp

During the 1990s, I worked as an operations manager in a big-brand food production plant. Needless to say, the plant had the usual quorum of food hygiene staff who would do spot checks to make sure everyone was behaving themselves. One year, the hygiene staff decided to spend some discretionary budget on a few hundred vinyl and Perspex signs reminding workers to wash their hands after using the “facilities.” I don’t know about you, but I would imagine that if I were mounting these signs in the restroom, I would place them on the back of the stall doors and above the urinals – so that staff would see these signs at the appropriate time. But oh no! According to the professionals, the correct location to place the signs was above the sinks, so that people would be encouraged to wash their hands….. while washing their hands. I was reminded of this folly this morning while reading this survey report from the American Bar Association. According to the report, only one third of lawyers are currently protecting their clients’ information by using email encryption. Over 70% apparently rely on what’s called a confidentiality statement at the end of the message body. Notice I write “at the end of the message body.” Think about it: you have to read all the way through someone’s confidential information before you reach the confidentiality statement. Hence if the information is not intended for you, you’ve already read confidential information intended for another client of your lawyer. Are you feeling protected? I love this quote from Robert Ambrogi’s blog site: “It is akin to putting a note inside a box that says, ‘Do not open this box.’” What’s worse, according to the survey, many of the lawyers who do use encryption use old fashioned, difficult to use systems that require recipients to be sent separate passwords. We already know that clients hate such systems because they have to spend time going to special websites and jumping through hoops to retrieve their email. Not to mention if the email goes to the wrong recipient, most likely the password email will also go to that same wrong recipient. If you’re a lawyer, please don’t “wash your hands” of protecting your clients: learn about modern email encryption by clicking on this link. Also, you may enjoy this blog about the worthlessness of confidentiality statements.